Your submission was sent successfully! Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

CVE-2009-2200

Published: 12 August 2009

WebKit in Apple Safari before 4.0.3 does not properly restrict the URL scheme of the pluginspage attribute of an EMBED element, which allows user-assisted remote attackers to launch arbitrary file: URLs and obtain sensitive information via a crafted HTML document.

Notes

AuthorNote
mdeslaur
appears to be mac/win specific

Priority

Low

Status

Package Release Status
webkit
Launchpad, Ubuntu, Debian
dapper Does not exist

hardy Ignored
(end of life, was needs-triage)
intrepid Ignored
(end of life, was needs-triage)
jaunty Ignored
(end of life, was needs-triage)
upstream Needs triage

Patches:
upstream: http://trac.webkit.org/changeset/44905
upstream: http://trac.webkit.org/changeset/44909
kdelibs
Launchpad, Ubuntu, Debian
dapper Ignored
(end of life)
hardy Ignored
(end of life)
intrepid Ignored
(end of life, was needs-triage)
jaunty Ignored
(end of life, was needs-triage)
upstream Needs triage

kde4libs
Launchpad, Ubuntu, Debian
dapper Does not exist

hardy Ignored
(end of life, was needs-triage)
intrepid Ignored
(end of life, was needs-triage)
jaunty Ignored
(end of life, was needs-triage)
upstream Needs triage

qt4-x11
Launchpad, Ubuntu, Debian
dapper Ignored
(end of life, was needs-triage)
hardy Ignored
(end of life)
intrepid Ignored
(end of life, was needs-triage)
jaunty Ignored
(end of life, was needs-triage)
upstream Needs triage